CVE-2026-22874 - CERT CVE
ID CVE-2026-22874
Sažetak Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering.
Reference
CVSS
Base: 9.6
Impact: 5.8
Exploitability:3.1
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Zadnje važnije ažuriranje 07-07-2026 - 18:16
Objavljeno 03-07-2026 - 21:16